Lucene search
HistoryJun 08, 2024 - 4:15 p.m.
CVE-2024-35678
cve-2024-35678
improper neutralization
special elements
sql injection
bestwebsoft contact form
contact form to db
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
EPSS
0
Percentile
9.0%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in BestWebSoft Contact Form to DB by BestWebSoft.This issue affects Contact Form to DB by BestWebSoft: from n/a through 1.7.2.
Related
cvelist
cvelist
vulnrichment
vulnrichment
wpvulndb
wpvulndb
cve
cve
CVE-2024-35678
2024-06-08 16:15:09
wordfence
wordfence
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-35678